34,333
edits
Changes
→Creating Partitions for Bitlocker Drive Encryption
BitLocker Drive Encryption requires that there be two partitions on the hard disk drive. The first partition is referred to as the ''system volume'' and contains the unencrypted boot information. The second partition is referred to as the ''operating system volume''. This is the volume which will be encrypted and contains the operating system and user data.
The system volume must be at least 1.5Gb in size and must be created before proceeding with the Bitlocker BitLocker Drive Encryption process. This volume can be created either by using unallocated space on a drive, taking space from an existing volume, or merging multiple smaller volumes to create a single the boot files can be ''merged'' into an another existing volume (other than the operating system volume). In order to ease the process of creating the system volume Microsoft provides a tool called the ''Bitlocker Driver Preparation Tool''. This tool may be downloaded from the [http://www.microsoft.com/downloads/details.aspx?FamilyID=320b9aa9-47e8-44f9-b8d0-4d7d6a75add0&displaylang=en Microsoft website].
Once the tool has been downloaded and installed it should appear in ''Start->Accessories->System Tools->BitLocker->BitLocker Drive Preparation Tool''. The tool itself is installed as the executable ''%ProgramFiles%\BitLocker\BdeHdCfg.exe''. The tool may either be run as a graphical tool or run from a command prompt with a variety of command-line options to perform the required task.
<pre>
bdehdcfg -target c: shrink -newdriveletter s: -size 1500
</pre>
Finally, if a partition other than the operating system volume exists the boot files can be merged onto this partition. Once the merge is complete the partition must be assigned as the active partition. This process can be achieved using the ''-merge'' option. For example, the following command merges the boot files onto the D: volume:
<pre>
</pre>
== Enabling Bitlocker Drive Encryption ==
